From 52e90022bf95f215c35b66c8177437b9f70873bd Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 11 Jan 2005 20:09:59 +0000 Subject: r4691: Make the DCE-RPC bind code compleatly generic to the number of passes that the GENSEC mechanism wishes to select. It is of course up to the GENSEC mech and the remote server to actually support this however... Andrew Bartlett (This used to be commit 7200a01545e14a8b0c90fadf3c27933dd1f4359f) --- source4/librpc/rpc/dcerpc_auth.c | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) (limited to 'source4/librpc/rpc') diff --git a/source4/librpc/rpc/dcerpc_auth.c b/source4/librpc/rpc/dcerpc_auth.c index c506c8fd4c..c0b72b6842 100644 --- a/source4/librpc/rpc/dcerpc_auth.c +++ b/source4/librpc/rpc/dcerpc_auth.c @@ -75,14 +75,21 @@ NTSTATUS dcerpc_bind_auth(struct dcerpc_pipe *p, uint8_t auth_type, uint8_t auth status = gensec_update(p->conn->security_state.generic_state, tmp_ctx, null_data_blob, &credentials); - if (!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { - goto done; - } p->conn->security_state.auth_info->credentials = credentials; - status = dcerpc_bind_byuuid(p, tmp_ctx, uuid, version); - if (!NT_STATUS_IS_OK(status)) { + if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { + /* We are demanding a reply, so use a request that will get us one */ + status = dcerpc_bind_byuuid(p, tmp_ctx, uuid, version); + if (!NT_STATUS_IS_OK(status)) { + goto done; + } + } else if (NT_STATUS_IS_OK(status)) { + /* We don't care for the reply, so jump to the end */ + status = dcerpc_bind_byuuid(p, tmp_ctx, uuid, version); + goto done; + } else { + /* Something broke in GENSEC - bail */ goto done; } @@ -90,7 +97,8 @@ NTSTATUS dcerpc_bind_auth(struct dcerpc_pipe *p, uint8_t auth_type, uint8_t auth status = gensec_update(p->conn->security_state.generic_state, tmp_ctx, p->conn->security_state.auth_info->credentials, &credentials); - if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { + if (!NT_STATUS_IS_OK(status) + && !NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { break; } -- cgit